/*
 *英才会硕信息科技有限公司拥有本软件的版权，拥有本软件版权2025   并保留所有权利。
 *Copyright 2021,YCHS Information&Science Technology Co.,Ltd,
 *All rights reserved.
 */
package com.ychs.lawyerback01.aspect;

import com.ychs.lawyerback01.annotation.RequirePermission;
import com.ychs.lawyerback01.common.ResultCode;
import com.ychs.lawyerback01.exception.BussinessException;
import com.ychs.lawyerback01.vo.LoginVo;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/**
 * @author xuehongjin
 * @version 1.0
 * @date 2025/8/14
 */
@Aspect
@Component
public class PermissionAspect {
    @Before("@annotation(com.ychs.lawyerback01.annotation.RequirePermission)")
    public void before(JoinPoint jp){
        //获取request请求中登录的用户信息
        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request =requestAttributes.getRequest();
        LoginVo loginVo = (LoginVo) request.getAttribute("loginUserVo");
        MethodSignature signature =(MethodSignature) jp.getSignature();
        RequirePermission annotation = signature.getMethod().getAnnotation(RequirePermission.class);
        String value = annotation.value();
        if(!loginVo.getPermission().contains(value)){
            throw new BussinessException(ResultCode.METHOD_NOT_PRIVILEGE);
        }
    }
}
